Bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0

[dependabot]

Bumps github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0.

Release notes

Sourced from github.com/russellhaering/goxmldsig's releases.

v1.4.0

What's Changed

• Fixed a bug where attributes were sorted incorrectly during canonicalization in russellhaering/goxmldsig#91 (credit @​adamdecaf)
• Fixed a bug where canonicalizing a subset of a document did not pull in surrounding namespace declarations in russellhaering/goxmldsig#93 (credit @​rowland66)
• Fixed a bug where Signatures extracted during verification sometimes had elements in a different order than the original document @​karlovskiy in russellhaering/goxmldsig#82 (credit @​karlovskiy)
• Fixed a bug where superfluous namespace declarations were sometimes included in canonicalized documents in russellhaering/goxmldsig#94 (credit: @​rowland66)

New Contributors

• @​rowland66 made their first contribution in russellhaering/goxmldsig#93
• @​karlovskiy made their first contribution in russellhaering/goxmldsig#82

Full Changelog: russellhaering/goxmldsig@v1.3.0...v1.4.0

Commits

• 5a3be1c Merge pull request #94 from rowland66/fix-superfluous-namespace-declaration-c...
• 1245f63 Fixed the removal of superfluous namespace declarations for canonicalization ...
• 1bb67cd Merge pull request #82 from karlovskiy/find-signature-canonical-signinfo-order
• f644ba4 Add a test case for namespace inheritance in canonicalization
• 6ff53e2 Merge pull request #93 from rowland66/c14N10RecCanonicalizer-include-parent-n...
• 32aee4e Merge pull request #91 from adamdecaf/sort-matching-attr-keys-by-ns-uri
• f3f51b2 The spec for XML canonicalization REC-xml-c14n-20010315 section 2.4 requires ...
• 436aac5 etreeutils: sort attrs with matching namespaces by their NS URIs
• 21f94b7 Fix SignedInfo order in findSignature method
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.